By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post

I am not able to redirect my One NLB traffic to Another NLB

0

Hi, my scenario is i have two vpc's one public and another one is private, i want to use NLB of public VPC to NLB of Private VPC using Endpoint service and Endpoint. I have first created one server which is having httpd install and i have pointed my Private NLB to that Server which is in private VPC. Now i have created Endpoint service for this Private NLB and creates Endpoint for this endpoint service in public vpc now after registering this endpoint in endpoint service, i have created Public NLB and use this Endpoint IP as in target group. But still i am not able to get any output when i am hitting DNS of my public NLB, Please note Transit gateway is already configured and i have checked connectivity by curl in public instance for private instance server.

i want to understand what other configuration i have missed? please let me know if you know anything about this use case..

Topics
Networking & Content DeliveryComputeAWS Well-Architected Framework
Tags
Amazon VPCAmazon EC2Networking & Content DeliveryElastic Load BalancingSecurity
Language
English
Shriram
asked 14 days ago39 views
1 Answer
0

If you are using private link then transit gateway is not needed. Connectivity between VPC is certainly not required as PrivateLink provides private connectivity between virtual private clouds (VPCs)

Some things to check..

  1. In your public VPC, your NLB is internet facing
  2. In your public VPC, your NLB is on a public subnet
  3. Your NACL's in the subnets allow bi-directional traffic
  4. Your Security groups on the endpoints need to allow traffic from the NLB IP addresses in the Public VPC
profile picture
Gary Mclean
answered 13 days ago
  • Shriram
    13 days ago

    Thanks for the reply Gary.. For NACL part i have allowed all for both inbound and outbound For 4th point i have allowed all the traffic in endpoint security group

    Rest point i have already followed..

  • Gary Mclean
    13 days ago

    During your testing, what parts work? i.e. connecting to the endpoint service in the public VPC. Connecting to the NLB within the Public VPC.. See if we cant try and narrow the issue down

  • Shriram
    12 days ago

    When I am hitting endpoint service dns from my public instance which is in public vpc, i am able to get the reply. But when I am trying to create target group for public NLB i have used ip of interface endpoint, it is showing me unhealthy though I have accepted the connection in endpoint service. Also sg of interface endpoint allowing all the traffic It seems like only my target group of public NLB not able to connect with interface endpoint dns

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content